Check your settings below and select the cookies you’re happy with.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any information which allows us to identify you unless you are logged into your account.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.

Functional Cookies

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly information which allows us to identify you personally but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Find out more about www.allaboutcookies.org or view our cookie policy.

Skip to main content

Home
Technical Standards
2021
Strong Customer Authentication and Common and Sec...
Chapter 2 Security measures for the application of...
Article 9 Independence of the elements

You are viewing the version of the document as on 2021-01-01.

Article 9 Independence of the elements

01/01/2021

(1)
Payment service providers shall ensure that the use of the elements of strong customer authentication referred to in Articles 6, 7 and 8 is subject to measures which ensure that, in terms of technology, algorithms and parameters, the breach of one of the elements does not compromise the reliability of the other elements.
(2)
Payment service providers shall adopt security measures, where any of the elements of strong customer authentication or the authentication code itself is used through a multi-purpose device, to mitigate the risk which would result from that multi-purpose device being compromised.
(3)
For the purposes of paragraph 2, the mitigating measures shall include each of the following:
1. (a)
  the use of separated secure execution environments through the software installed inside the multi-purpose device;
2. (b)
  mechanisms to ensure that the software or device has not been altered by the payer or by a third party;
3. (c)
  where alterations have taken place, mechanisms to mitigate the consequences thereof.